[Touch-packages] [Bug 1665893] Re: DNS resolution of VPN hosts stopped working
*** This bug is a duplicate of bug 1667825 *** https://bugs.launchpad.net/bugs/1667825 I am running into DNS issues with OpenVPN as well. When connected `dig ddg.gg` fails, but `dig ddg.gg @8.8.8.8` works. This started after running updates yesterday. I can't tell if bug #1667825 is the same issue, but I get the same problem regardless of whether I start OpenVPN from the command line or via the Network-Manager. (I'm not sure if the latter makes the connection 'managed' or not.) Can this issue be scaled up in importance if confirmed? Users not being able to use a VPN service (e.g., in a place with free public wifi) is a huge security risk! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1665893 Title: DNS resolution of VPN hosts stopped working Status in dnsmasq package in Ubuntu: Confirmed Bug description: I have been using 17.04 for a few weeks now, but a recent update seems to have broken DNS resolution for VPN hosts. The local network is 192.168.50.*, with DNS at 192.168.50.2. The remote network is 192.168.0.*, with DNS at 192.168.0.2. I can ping remote hosts, but I can't resolve their names, although syslog says the following: systemd-resolved[2865]: Switching to DNS server 192.168.0.2 for interface tun0. The remote DNS domain is ozone.caligrafix.cl. Here is what does and doesn't work, using a valid remote host name (cali00): dig cali00: fails dig cali00.ozone.caligrafix.cl: fails dig cali00 @192.168.0.2: works dig cali00.ozone.caligrafix.cl @192.168.0.2: works Here is the complete log of VPN connection setup: Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9928] audit: op="connection-activate" uuid="ae3693ea-df59-414e-95a8-bf280a65b8db" name="cali-fw" pid=4439 uid=1000 result="success" Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9976] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Started the VPN service, PID 7173 Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.0048] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Saw the service appear; activating connection Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1165] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN plugin: state changed: starting (3) Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1170] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (ConnectInteractive) reply received Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 10 2017 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: TCP/UDP: Preserving recently used remote address: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link local: (not bound) Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link remote: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:36 tadzim3 nm-openvpn[7180]: [cali-fw-vpn] Peer Connection Initiated with [AF_INET]186.103.161.74:25402 Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: TUN/TAP device tun0 opened Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 7173 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_6 --tun -- tun0 1500 1558 10.8.1.2 255.255.255.0 init Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1267] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/7) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1443] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (IP Config Get) reply received. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1463]
[Touch-packages] [Bug 1665893] Re: DNS resolution of VPN hosts stopped working
*** This bug is a duplicate of bug 1667825 *** https://bugs.launchpad.net/bugs/1667825 Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: dnsmasq (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1665893 Title: DNS resolution of VPN hosts stopped working Status in dnsmasq package in Ubuntu: Confirmed Bug description: I have been using 17.04 for a few weeks now, but a recent update seems to have broken DNS resolution for VPN hosts. The local network is 192.168.50.*, with DNS at 192.168.50.2. The remote network is 192.168.0.*, with DNS at 192.168.0.2. I can ping remote hosts, but I can't resolve their names, although syslog says the following: systemd-resolved[2865]: Switching to DNS server 192.168.0.2 for interface tun0. The remote DNS domain is ozone.caligrafix.cl. Here is what does and doesn't work, using a valid remote host name (cali00): dig cali00: fails dig cali00.ozone.caligrafix.cl: fails dig cali00 @192.168.0.2: works dig cali00.ozone.caligrafix.cl @192.168.0.2: works Here is the complete log of VPN connection setup: Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9928] audit: op="connection-activate" uuid="ae3693ea-df59-414e-95a8-bf280a65b8db" name="cali-fw" pid=4439 uid=1000 result="success" Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9976] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Started the VPN service, PID 7173 Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.0048] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Saw the service appear; activating connection Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1165] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN plugin: state changed: starting (3) Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1170] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (ConnectInteractive) reply received Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 10 2017 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: TCP/UDP: Preserving recently used remote address: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link local: (not bound) Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link remote: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:36 tadzim3 nm-openvpn[7180]: [cali-fw-vpn] Peer Connection Initiated with [AF_INET]186.103.161.74:25402 Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: TUN/TAP device tun0 opened Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 7173 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_6 --tun -- tun0 1500 1558 10.8.1.2 255.255.255.0 init Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1267] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/7) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1443] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (IP Config Get) reply received. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1463] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",8:(tun0)]: VPN connection: (IP4 Config Get) reply received Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: GID set to nm-openvpn Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: UID set to nm-openvpn Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: Initialization Sequence Completed Feb 18 11:56:37 tadzim3
[Touch-packages] [Bug 1665893] Re: DNS resolution of VPN hosts stopped working
*** This bug is a duplicate of bug 1667825 *** https://bugs.launchpad.net/bugs/1667825 ** This bug has been marked a duplicate of bug 1667825 Requesting Cherry Pick: dns/resolved: consider configuration from unmanaged devices -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1665893 Title: DNS resolution of VPN hosts stopped working Status in dnsmasq package in Ubuntu: New Bug description: I have been using 17.04 for a few weeks now, but a recent update seems to have broken DNS resolution for VPN hosts. The local network is 192.168.50.*, with DNS at 192.168.50.2. The remote network is 192.168.0.*, with DNS at 192.168.0.2. I can ping remote hosts, but I can't resolve their names, although syslog says the following: systemd-resolved[2865]: Switching to DNS server 192.168.0.2 for interface tun0. The remote DNS domain is ozone.caligrafix.cl. Here is what does and doesn't work, using a valid remote host name (cali00): dig cali00: fails dig cali00.ozone.caligrafix.cl: fails dig cali00 @192.168.0.2: works dig cali00.ozone.caligrafix.cl @192.168.0.2: works Here is the complete log of VPN connection setup: Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9928] audit: op="connection-activate" uuid="ae3693ea-df59-414e-95a8-bf280a65b8db" name="cali-fw" pid=4439 uid=1000 result="success" Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9976] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Started the VPN service, PID 7173 Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.0048] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Saw the service appear; activating connection Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1165] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN plugin: state changed: starting (3) Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1170] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (ConnectInteractive) reply received Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 10 2017 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: TCP/UDP: Preserving recently used remote address: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link local: (not bound) Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link remote: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:36 tadzim3 nm-openvpn[7180]: [cali-fw-vpn] Peer Connection Initiated with [AF_INET]186.103.161.74:25402 Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: TUN/TAP device tun0 opened Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 7173 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_6 --tun -- tun0 1500 1558 10.8.1.2 255.255.255.0 init Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1267] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/7) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1443] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (IP Config Get) reply received. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1463] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",8:(tun0)]: VPN connection: (IP4 Config Get) reply received Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: chroot to '/var/lib/openvpn/chroot' and cd to '/' succeeded Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: GID set to nm-openvpn Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: UID set to nm-openvpn Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: Initialization Sequence Completed Feb 18 11:56:37 tadzim3
[Touch-packages] [Bug 1665893] Re: DNS resolution of VPN hosts stopped working
Hi: Regarding why I believe this is a bug in Ubuntu: it used to work, and stopped working after an update, without any configuration change on my part. Besides, there has been some flux in the resolvconf/dnsmasq systems, see for instance https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1642973, which seems to have been solved. That's why I filed a separate report for this issue. As for a more complete description: The VPN is using OpenVPN, with PFSense as a server. I am using split DNS (check the "use this connection only for resources on its network" flag) ** Changed in: dnsmasq (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1665893 Title: DNS resolution of VPN hosts stopped working Status in dnsmasq package in Ubuntu: New Bug description: I have been using 17.04 for a few weeks now, but a recent update seems to have broken DNS resolution for VPN hosts. The local network is 192.168.50.*, with DNS at 192.168.50.2. The remote network is 192.168.0.*, with DNS at 192.168.0.2. I can ping remote hosts, but I can't resolve their names, although syslog says the following: systemd-resolved[2865]: Switching to DNS server 192.168.0.2 for interface tun0. The remote DNS domain is ozone.caligrafix.cl. Here is what does and doesn't work, using a valid remote host name (cali00): dig cali00: fails dig cali00.ozone.caligrafix.cl: fails dig cali00 @192.168.0.2: works dig cali00.ozone.caligrafix.cl @192.168.0.2: works Here is the complete log of VPN connection setup: Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9928] audit: op="connection-activate" uuid="ae3693ea-df59-414e-95a8-bf280a65b8db" name="cali-fw" pid=4439 uid=1000 result="success" Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9976] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Started the VPN service, PID 7173 Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.0048] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Saw the service appear; activating connection Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1165] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN plugin: state changed: starting (3) Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1170] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (ConnectInteractive) reply received Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 10 2017 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: TCP/UDP: Preserving recently used remote address: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link local: (not bound) Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link remote: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:36 tadzim3 nm-openvpn[7180]: [cali-fw-vpn] Peer Connection Initiated with [AF_INET]186.103.161.74:25402 Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: TUN/TAP device tun0 opened Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 7173 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_6 --tun -- tun0 1500 1558 10.8.1.2 255.255.255.0 init Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1267] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/7) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1443] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (IP Config Get) reply received. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1463]
[Touch-packages] [Bug 1665893] Re: DNS resolution of VPN hosts stopped working
Thank you for taking the time to file a bug report. Since there is not enough information in your report to begin triage or to differentiate between a local configuration problem and a bug in Ubuntu, I am marking this bug as "Incomplete". We would be grateful if you would: provide a more complete description of the problem, explain why you believe this is a bug in Ubuntu rather than a problem specific to your system, and then change the bug status back to "New". For local configuration issues, you can find assistance here: http://www.ubuntu.com/support/community ** Changed in: dnsmasq (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1665893 Title: DNS resolution of VPN hosts stopped working Status in dnsmasq package in Ubuntu: Incomplete Bug description: I have been using 17.04 for a few weeks now, but a recent update seems to have broken DNS resolution for VPN hosts. The local network is 192.168.50.*, with DNS at 192.168.50.2. The remote network is 192.168.0.*, with DNS at 192.168.0.2. I can ping remote hosts, but I can't resolve their names, although syslog says the following: systemd-resolved[2865]: Switching to DNS server 192.168.0.2 for interface tun0. The remote DNS domain is ozone.caligrafix.cl. Here is what does and doesn't work, using a valid remote host name (cali00): dig cali00: fails dig cali00.ozone.caligrafix.cl: fails dig cali00 @192.168.0.2: works dig cali00.ozone.caligrafix.cl @192.168.0.2: works Here is the complete log of VPN connection setup: Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9928] audit: op="connection-activate" uuid="ae3693ea-df59-414e-95a8-bf280a65b8db" name="cali-fw" pid=4439 uid=1000 result="success" Feb 18 11:56:34 tadzim3 NetworkManager[2242]: [1487429794.9976] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Started the VPN service, PID 7173 Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.0048] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: Saw the service appear; activating connection Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1165] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN plugin: state changed: starting (3) Feb 18 11:56:35 tadzim3 NetworkManager[2242]: [1487429795.1170] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (ConnectInteractive) reply received Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 10 2017 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: TCP/UDP: Preserving recently used remote address: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link local: (not bound) Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: UDP link remote: [AF_INET]186.103.161.74:25402 Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: chroot will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:35 tadzim3 nm-openvpn[7180]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Feb 18 11:56:36 tadzim3 nm-openvpn[7180]: [cali-fw-vpn] Peer Connection Initiated with [AF_INET]186.103.161.74:25402 Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: TUN/TAP device tun0 opened Feb 18 11:56:37 tadzim3 nm-openvpn[7180]: /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 7173 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_6 --tun -- tun0 1500 1558 10.8.1.2 255.255.255.0 init Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1267] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/7) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1368] device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1443] vpn-connection[0x5622aa56c370,ae3693ea-df59-414e-95a8-bf280a65b8db,"cali-fw",0]: VPN connection: (IP Config Get) reply received. Feb 18 11:56:37 tadzim3 NetworkManager[2242]: [1487429797.1463]
